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DETAILED ACTION 



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 



2. Claims 30, 42, 54, and 55 rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly 
claim the subject matter which applicant regards as the invention. 

3. As to claim 30: 

The term "high" used in "High voltage" is a relative term rendered indefinite for 
having no comparative reference. 

4. As to claim 42 

Claim 42 recites the limitation "the configured user logic" in line 1. There is 
insufficient antecedent basis for this limitation in the claim. 

5. As to claim 54: 

The limitation "about a microamp or less" renders the claim indefinite for failing to 
distinctly claim the range of current draw. 



6. As to claim 55: 
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The limitation "about 10 microamps or less" renders the claim indefinite for failing 
to distinctly claim the range of current draw. 



Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

8. Claims 1, 3, 4, and 5 rejected under 35 U.S.C. 102(a) as being anticipated 
by Garnett, US Patent No 6356637 (hereafter referred to as '637). 

9. As to claim 1: 

'637 teaches a FPGA configuration system using encrypted configuration data 
comprising: 

• Inputting a stream of data comprising unencrypted configuration data to 
the integrated circuit / Inputting configuration data (Col 2, Line 33, '637) 

• encrypting the unencrypted configuration data / Encrypting the 
configuration data (Col 2, Line 34, '637) 

• using a security circuit and a security key / Encryption algorithm utilizes an 
encryption key (Col 2, Line 38, '637) 
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• outputting a stream of encrypted configuration data / inputting encrypted 
configuration data into the FPGA [from encryption logic] (Col 2, Line 46, 
'637) 

10. As to claim 3: 

Configuring the integrated circuit using the unencrypted configuration data / 
distributing the decrypted configuration data to configure the FPGA (Col 2, Line 
48, '637) 

11. As to claim 4: 

Storing the stream of encrypted configuration data in a nonvolatile storage device 
/ Flash PROMs ... easily configure an FPGA (Col 1, Line 6, XPFSP) 

12. As to claim 5: 

Inputting the stream of encrypted configuration data / inputting encrypted 
configuration data into the FPGA [from encryption logic] (Col 2, Line 46, '637) 

Claim Rejections - 35 USC § 103 

13. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 
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14. Claims 2 and 21-24 rejected under 35 U.S.C. 103(a) as being 
unpatentable over '637 in view of Xilinx Programmable FLASH Serial PROMs 
(hereafter referred to as XPFSP). 

As to claim 2: 

15. '637 teaches a FPGA configuration system using encrypted configuration 
data. ( 637 does not specifically teach for the configuration data to be input 
serially. XPFSP teaches an FPGA system\device using many specific device 
attributes including serial transfer of configuration data (Col 1 , Line 6 et seq., 
XPFSP). It would have been obvious to a person of ordinary skill in the art at the 
time of invention to use the FPGA system\device of XPFSP with the encrypted 
configuration system of '637. One of ordinary skill in the art would have been 
motivated to use the FPGA system\device of XPFSP with the encrypted 
configuration system of ( 637 because using serial communications for the 
transfer of configuration data reduces used chip pin count and reduces circuit 
complexity. 

16. As to claim 21: 

Receiving the stream of encrypted configuration data using a microprocessor / in 
'637 as modified above, the storage device of XPFSP receives configuration data 
using a cryptography processor 



17. As to claim 22 - 24: 
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using the microprocessor, writing the encrypted configuration data into a 
nonvolatile storage device / nonvolatile storage device is a serial EPROM or 
serial EEPROM / nonvolatile storage device is a Flash memory / Flash 
programmable PROM (Col 1, Line 2, XPFSP) 

18. Claims 6, 7, and 14 rejected under 35 U.S.C. 103(a) as being 
unpatentable over '637 in view of XPFSP in further view of TCP/IP security. 
As to claims 6, 7, and 14: 

19. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data. ( 637 as modified above does not teach for the 
configuration data packet to have an encryption header for determining if the 
configuration data packet is encrypted. TCP/IP security teaches an packet 
communications system using a packet header comprising subheaders to 
determine if and how the data packet is encrypted (Page 21 , Line 5, TCP/IP 
security). It would have been obvious to a person of ordinary skill in the art at the 
time of invention to use the encryption packet header system of TCP/IP security 
with the encrypted configuration data communication of '637. One of ordinary 
skill in the art would have been motivated to use the encryption packet header 
system of TCP/IP security with the encrypted configuration data communication 
of '637 because using a packet header to determine packet data content 
characteristics is the standard method and provides simple reliable means for 
coordinating encryption protocol specifics. 
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20. Claims 8, 12, and 35 rejected under 35 U.S.C. 103(a) as being 
unpatentable over '637 in view of XPFSP in further view of TCP/IP security in 
further view of Bruce Schneier, Applied Cryptography (hereafter referred to as 
Schneier). 

As to claim 8: 

21 . '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data and cryptographic keys. '637 as modified above 
does not teach that keys should be generated with a random number generator. 
Schneier teaches key management techniques including key generation stating, 
"good keys are random-bit strings generated by some automatic process" (Page 
173, Line 17, Schneier). It would have been obvious to a person of ordinary skill 
in the art at the time of invention to use a random number generator to generate 
cryptographic keys. One of ordinary skill in the art would have been motivated to 
use a random number generator to generate cryptographic keys because 
perfectly random keys are the hardest keys to be broken by cryptanalysis. 

As to claim 12: 

22. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data. '637 as modified above does not teach for the 
unencrypted configuration data has approximately the same number of bits as 
the encrypted configuration data. Schneier teaches general cryptographic 
foundations including that with some algorithms the ciphertext is the same size 
as the original plaintext message (Page 2, Line 7, Schneier). It would have been 
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obvious to a person of ordinary skill in the art at the time of invention to use an 
encryption algorithm where the produced ciphertext would have approximately 
the same number of bits as the plaintext. One of ordinary skill in the art would 
have been motivated to use an encryption algorithm where the produced 
ciphertext would have approximately the same number of bits as the plaintext 
because it would represent the minimum data size without first compressing the 
configuration data. 

As to claim 35: 

23. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data with a cryptographic processor implementing DES 
and CBC mode (Col 6, Line 17, '286). '637 as modified above does not teach to 
use triple DES. Schneier teaches the use of triple DES to heighten algorithm 
security (Page 359, Line 9, Schneier). It would have been obvious to a person of 
ordinary skill in the art at the time of invention to use triple DES with the 
cryptographic processor in the invention of '637 as modified above. One of 
ordinary skill in the art would have been motivated to use triple DES with the 
cryptographic processor in the invention of ( 637 as modified above because triple 
encryption helps improve security. 

24. Claims 9, 11, 13, 19, 25-29, 32-34, and 36 rejected under 35 U.S.C. 
103(a) as being unpatentable over '637 in view of XPFSP in further view of 
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TCP/IP security in further view of Schneier in further view of Pastor et al., US 
Patent No 4878246, (hereafter referred to as '246). 
As to claims 9,11, and 1 3: 

25. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data and cryptographic keys stored in non-volatile 
registers. '637 as modified above does not teach for the keys to be associated 
with the device ID. '246 teaches a cryptographic communications system using a 
generation of cryptographic keys based on an identification number. It would 
have been obvious to a person of ordinary skill in the art at the time of invention 
to seed the cryptographic key with the device identification as in '246 in the 
invention of '637. One of ordinary skill in the art would have been motivated to 
seed the cryptographic key with the device identification as in '246 with the 
invention of '637 because the possibility that the key may be generated by 
unauthorized personnel unaware of the identification number would be 
substantially reduced (Col 1, Line 8, l 246). 

26. As to claim 19: 

Stream of data is loaded using a JTAG interface of the integrated circuit/ 
Reprogrammed using the JTAG port and then the bit stream is downloaded to 
the FPGA (Col 1, Line 1, XPFSP) 



As to claims 25-27 and 29: 
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27. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data using flash memory, fusible link PROM, UV- 
EPROM, OTPROM, ferroelectric cells, and laser programmable fuses for storing 
data device ID/key data (Col 5, Line 25 et seq., '637). £ 637 as modified above 
does not explicitly teach for the device ID/Key to be stored on other types of non 
volatile memory such as floating-gate transistors and antifuses. The examiner 
takes official notice as to use antifuses and floating-gate transistors as a 
nonvolatile memory alternatives. It would have been obvious to a person of 
ordinary skill in the art at the time of invention to use antifuses and floating-gate 
transistors as a nonvolatile memory alternatives because antifuses and floating- 
gate transistors represent functionally equivalent nonvolatile memory 
alternatives. 

28. As to claim 28: 

ID register is programmed during manufacture of the integrated circuit/ 
decryption key storage is loadable with the decryption key at the manufacturing 
stage (Col 5, Line 33, l 637) 

29. As to claim 32: 

• security key has a fixed value / decryption key storage is loadable with the 
decryption key at the manufacturing stage (Col 5, Line 33, '637) 

♦ generating an initial value for the security circuit / cryptographic keys 
based on an identification number (Col 1, Line 7, '246) 
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• outputting the initial value / it is inherent to the '637 as modified above that 
during the manufacturing stage an integrated circuit must output the initial 
value for it to be loaded into the decryption key storage 

30. As to claim 33: 

unencrypted configuration data is encrypted using the initial value / Encrypting 
the configuration data (Col 2, Line 34, '637) 

31. As to claim 34: 

initial value is generated using a random number generator / "good keys are 
random-bit strings generated by some automatic process" (Page 173, Line 17, 
Schneier) 

As to claim 36: 

32. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data using a Device ID/key register to store the Device 
ID/key. '637 as modified above does not teach for the Device ID register to be 
implemented using an error correcting code scheme. Schneier teaches a key 
error detection techniques used to protect cryptographic keys (Page 178, Line 33 
et seq,. Schneier). It would have been obvious to a person of ordinary skill in the 
art at the time of invention to use the key error detection techniques listed in 
Schneier with the invention of '637 as modified above. One of ordinary skill in 
the art would have been motivated to use the key error detection techniques 
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listed in Schneier with the invention of '637 as modified above because using key 
error detection can prevent the generation of garbled and undecipherable text. 

33. Claims 10, and 15-17 rejected under 35 U.S.C. 103(a) as being 
unpatentable over '637 in view of XPFSP in further view of TCP/IP security in 
further view of Schneier in further view of '246 in further view of Xilinx XC4000. 
As to claim 10: 

34. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data messages and encryption and authentication 
message header preambles (Page 21, Fig 12, XPFSP). '637 as modified above 
does not specifically teach that the configuration data should comprise preamble, 
header, and initial value. Xilinx teaches an FPGA with configuration data further 
comprising Initial value / Start Field (Page 166, Table 9, Xilinx). It would have 
been obvious to a person of ordinary skill in the art at the time of invention to use 
the Xilinx FPGA configuration data with the secure FPGA configuration system of 
'637 as modified above. One of ordinary skill in the art would have been 
motivated to use the Xilinx FPGA configuration data with the secure FPGA 
configuration system of '637 as modified above because the Xilinx FPGA is one 
of the most readily available FPGAs on the market and is a standard for 
compatability. 



35. As to claims 15: 
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Integrated circuit can determine whether the stream of data is for a previous 
version of without a security scheme / Authentication Header and Encryption 
Header serve as security options (Page 18, Line 1, TCP/IP Security) 

36. As to claim 16: 

A integrated circuit with a security scheme will be backwards compatible with 
versions of the integrated circuit without the security scheme / Authentication 
Header and Encryption Header serve as security options (Page 18, Line 1, 
TCP/IP Security) 

37. As to claim 17: 

Processing the stream of data based on preamble value determining security 
scheme / See rejection for claim 6 

38. Claims 18 and 31 rejected under 35 U.S.C. 103(a) as being unpatentable 
over '637 in view of XPFSP in further view of TCP/IP security in further view of 
Schneier in further view of '246 in further view of Xilinx XC4000 in further view of 
Roseili, US Patent No 5036468 (hereafter referred to as '468). 

As to claim 18: 

39. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data storing security key in nonvolatile memory. '637 as 
modified above does not teach the use of a battery back up as a method of non 
volatile storage. '468 teaches using battery-backed register memory as non 
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volatile memory storage. It would have been obvious to a person of ordinary skill 
in the art at the time of invention to use battery-backed register memory as non- 
volatile memory storage in the invention of '637 as modified above. One of 
ordinary skill in the art would have been motivated to use battery-backed register 
memory as non-volatile memory storage in the invention of '637 as modified 
above because this provides a simple low cost solution for non-volatile storage. 

40. As to claim 31: 

external battery is coupled to a first power supply terminal to the ID register, and 
a second power supply terminal for non-backed up circuits is not coupled to the 
external battery / It is inherent to '637 as modified above that power supplying 
backup battery is used in addition to the standard system power supply. See 
rejection for claim 18. 

41 . Claim 20 rejected under 35 U.S.C. 103(a) as being unpatentable over '637 
in view of XPFSP in further view of Lai et al, US Patent No 6324286 hereafter 
referred to as '286. 

As to claim 20: 

42. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data. '637 does not specifically teach the processing 
means to encrypt the configuration data. '286 teaches a cryptographic processor 
for encrypting and outputting data in several possible modes. It would have been 
obvious to a person of ordinary skill in the art at the time of invention to use a 
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cryptographic processor as in '286 for the encryption and output of configuration 
data. One of ordinary skill in the art would have been motivated to use a 
cryptographic processor as in '286 for the encryption and output of configuration 
data because encryption must be accomplished by some processing means, and 
cryptographic processors provide a specialized efficient method for encryption. 

43. Claim 37, 38, and 43 rejected under 35 U.S.C. 103(a) as being 
unpatentable over '637 in view of Hair, US Patent No 6615349 (hereafter referred 
to as '349). 

As to claim 37: 

l 637 teaches a FPGA configuration system using encrypted configuration data 
comprising: 

• Inputting a stream of data comprising unencrypted configuration data to 
the integrated circuit / Inputting configuration data (Col 2, Line 33, '637) 

• encrypting the unencrypted configuration data / Encrypting the 
configuration data (Col 2, Line 34, '637) 

• using a security circuit and a security key / Encryption algorithm utilizes an 
encryption key (Col 2, Line 38, l 637) 

• outputting a stream of encrypted configuration data / inputting encrypted 
configuration data into the FPGA [from encryption logic] (Col 2, Line 46, 
'637) 

44. '637 does not teach to first obtain the file from a network employing an 
encrypted communications channel. '349 teaches a secure communication 
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system that retrieves a file from the internet using cryptographic communications 
(Col 20, Line 25 et seq., '349). It would have been obvious to a person of 
ordinary skill in the art at the time of invention to retrieve the file over the Internet 
using cryptographic communications as in '349 in the invention of '637. One of 
ordinary skill in the art would have been motivated to retrieve the file over the 
Internet using cryptographic communications as in '349 in the invention of '637 
because doing so helps to "prevent unauthorized use of replication of the 
computer files or programs" (Col 5, Line 6, '349). 

45. As to claim 38: 

outputting a stream of encrypted configuration data / inputting encrypted 
configuration data into the FPGA [from encryption logic] (Col 2, Line 46, '637) 

46. As to claim 43: 

Configuring the integrated circuit using the unencrypted configuration data / 
distributing the decrypted configuration data to configure the FPGA (Col 2, Line 
48, '637) 

47. Claim 39, 40, and 44 rejected under 35 U.S.C. 103(a) as being 
unpatentable over '637 in view of '349 in further view of XPFSP. 

As to claims 39 and 44: 

48. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data retrieved from a network using cryptographic 
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communications. '637 as modified above does not specifically teach for the 
configuration data to be input serially from a nonvolatile storage device. XPFSP 
teaches an FPGA system\device using many specific device attributes including 
storing configuration data in a nonvolatile storage device (Col 1, Line 6, XPFSP). 
It would have been obvious to a person of ordinary skill in the art at the time of 
invention to use the FPGA system\device of XPFSP with the encrypted 
configuration system of '637. One of ordinary skill in the art would have been 
motivated to use the FPGA system\device of XPFSP with the encrypted 
configuration system of '637 because it is the standard convention to configure 
FPGAs from nonvolatile storage devices. 

49. As to claim 40: 

Nonvolatile storage device is serial EPROM / Programmable FLASH serial 
PROMs (Page 21, XPFSP) 

50. Claims 41 rejected under 35 U.S.C. 103(a) as being unpatentable over 
'637 in view of '349 in further view of XPFSP in further view of '246. 

As to claims 41: 

51 . '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data and cryptographic keys stored in non-volatile 
registers. '637 as modified above does not teach for the keys to be associated 
with the device ID. '246 teaches a cryptographic communications system using a 
generation of cryptographic keys based on an identification number. It would 
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have been obvious to a person of ordinary skill in the art at the time of invention 
to seed the cryptographic key with the device identification as in '246 in the 
invention of '637. One of ordinary skill in the art would have been motivated to 
seed the cryptographic key with the device identification as in '246 with the 
invention of '637 because the possibility that the key may be generated by 
unauthorized personnel unaware of the identification number would be 
substantially reduced (Col 1, Line 8, '246). 

52. Claims 45 rejected under 35 U.S.C. 103(a) as being unpatentable over 
As to claim 45: 

53. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data. ( 637 does not specifically teach the processing 
means to encrypt the configuration data. '286 teaches a cryptographic processor 
for encrypting and outputting data in several possible modes. It would have been 
obvious to a person of ordinary skill in the art at the time of invention to use a 
cryptographic processor as in '286 for the encryption and output of configuration 
data. One of ordinary skill in the art would have been motivated to use a 
cryptographic processor as in '286 for the encryption and output of configuration 
data because encryption must be accomplished by some processing means, and 
cryptographic processors provide a specialized efficient method for encryption. 

54. '637 as modified above teaches a FPGA configuration system using 
encrypted configuration data with a cryptographic processor implementing DES 
and CBC mode (Col 6, Line 17, '286). '637 as modified above does not teach to 
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use triple DES. Schneier teaches the use of triple DES to heighten algorithm 
security (Page 359, Line 9, Schneier). It would have been obvious to a person of 
ordinary skill in the art at the time of invention to use triple DES with the 
cryptographic processor in the invention of '637 as modified above. One of 
ordinary skill in the art would have been motivated to use triple DES with the 
cryptographic processor in the invention of '637 as modified above because triple 
encryption helps improve security. 

55. Claim 46-53 rejected under 35 U.S.C. 103(a) as being unpatentable over 
( 637 in view of XPFSP in further view of '349 in further view of '286 in further view 
of Schneier in further view of TCP/IP security in further view of '246 in further 
view of Xilinx XC4000 in further view '468. 

56. As to claims 46-53: 

Claims 46-53 correspond to claims 1-45 in various concomitant elements and are 
rejected accordingly. 

Conclusion 

57. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Jonathan R Adams whose telephone number 
is (703) 305-8894. The examiner can normally be reached on Monday - Friday 
from 10am to 6pm. 
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58. If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gregory Morse, can be reached on (703) 308-4789. The 
fax phone number for the organization where this application or proceeding is 
assigned is (703) 872-9306. Any inquiry of a general nature or relating to the 
status of this application or proceeding should be directed to the receptionist 
whose telephone number is (703) 305-3900. 
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